Bug 203288
| Summary: | axge(4) panics on unplug | ||
|---|---|---|---|
| Product: | Base System | Reporter: | Conrad Meyer <cem> |
| Component: | kern | Assignee: | freebsd-net (Nobody) <net> |
| Status: | Closed Overcome By Events | ||
| Severity: | Affects Some People | CC: | thj |
| Priority: | --- | ||
| Version: | CURRENT | ||
| Hardware: | Any | ||
| OS: | Any | ||
I was unable to reproduce on 12.1-RELEASE using the below device, could you confirm that this still panics?
<D-Link Elec. Corp. D-Link DUB-1312> at usbus0
axge0 on uhub1
axge0: <NetworkInterface> on usbus0
miibus0: <MII bus> on axge0
rgephy0: <RTL8169S/8110S/8211 1000BASE-T media interface> PHY 3 on miibus0
rgephy0: none, 10baseT, 10baseT-FDX, 10baseT-FDX-flow, 100baseTX, 100baseTX-FDX, 100baseTX-FDX-flow, 1000baseT-FDX, 1000baseT-FDX-master, 1000baseT-FDX-flow, 1000baseT-FDX-flow-master, auto, auto-flow
ugen0.2: <D-Link Elec. Corp. D-Link DUB-1312> at usbus0 (disconnected)
axge0: at uhub1, port 1, addr 1 (disconnected)
rgephy0: detached
miibus0: detached
axge0: detached
|
ifconfig(1) tickling axge(4) on uether, unconfigured. Non-DEBUG kernel: __mtx_lock_sleep on offset from NULL: 0x3a0 bt: __mtx_lock_sleep usbd_do_request_flags+0xa23 usbd_do_request_proc+0x6c axge_read_mem+0xdb axge_read_cmd_2+0x42 axge_miibus_readreg+0xb4 rgephy_status+0x80 rgephy_service+0x374 mii_pollstat+0x56 axge_ifmedia_sts+0x61 ifmedia_ioctl+0x178 uether_ioctl+0x2cb axge_ioctl+0x233 ifioctl+0xb4f kern_ioctl+0x414 sys_ioctl+0x153 ... Last messages before panic: ugen0.2: <ASIX Elec. Corp.> at usbus0 (disconnected) axge0: at uhub0, port 5, addr 1 (disconnected) rgephy0: detached miibus0: detached Relevent GDB trace: ... #11 0xffffffff808d89f3 in usbd_do_request_flags (udev=<value optimized out>, mtx=<value optimized out>, req=0xfffffe02257924b0, data=0xfffffe0225792500, flags=977, actlen=<value optimized out>, timeout=Cannot access memory at address 0x7530 ) at /usr/home/cmeyer/src/freebsd/sys/dev/usb/usb_request.c:732 #12 0xffffffff808d8a7c in usbd_do_request_proc (udev=0xfffff800078f8000, pproc=0xfffff8000787b440, req=0xfffffe02257924b0, data=0xfffffe0225792500, flags=0, actlen=0x0, timeout=<value optimized out>) at /usr/home/cmeyer/src/freebsd/sys/dev/usb/usb_request.c:766 #13 0xffffffff8260dd2b in axge_read_mem (sc=0xfffff8000787b400, cmd=2 '\002', index=1, val=3, buf=0xfffffe0225792500, len=2) at /usr/home/cmeyer/src/freebsd/sys/modules/usb/axge/../../../dev/usb/net/if_axge.c:221 #14 0xffffffff8260dd82 in axge_read_cmd_2 (sc=0xfffff8000787b400, cmd=2 '\002', index=1, reg=3) at /usr/home/cmeyer/src/freebsd/sys/modules/usb/axge/../../../dev/usb/net/if_axge.c:258 #15 0xffffffff8260d384 in axge_miibus_readreg (dev=0xfffff8000781ae00, phy=3, reg=1) at /usr/home/cmeyer/src/freebsd/sys/modules/usb/axge/../../../dev/usb/net/if_axge.c:290 #16 0xffffffff80635de0 in rgephy_status (sc=0xfffff8000782c080) at miibus_if.h:26 #17 0xffffffff80635d14 in rgephy_service (sc=0xfffff8000782c080, mii=0xfffff8000782be00, cmd=3) at /usr/home/cmeyer/src/freebsd/sys/dev/mii/rgephy.c:260 #18 0xffffffff806319d6 in mii_pollstat (mii=0xfffff8000782be00) at /usr/home/cmeyer/src/freebsd/sys/dev/mii/mii.c:611 #19 0xffffffff8260e681 in axge_ifmedia_sts (ifp=0xfffff800044c7800, ifmr=0xfffffe02257928e0) at /usr/home/cmeyer/src/freebsd/sys/modules/usb/axge/../../../dev/usb/net/if_axge.c:508 #20 0xffffffff80b8d448 in ifmedia_ioctl (ifp=0xfffff8000787b6c0, ifr=0xfffffe02257928e0, ifm=0xfffff8000782be00, cmd=<value optimized out>) at /usr/home/cmeyer/src/freebsd/sys/net/if_media.c:309 #21 0xffffffff82613f8b in uether_ioctl (ifp=0xfffff800044c7800, command=3224398136, data=0xfffffe02257928e0 "ue0") at /usr/home/cmeyer/src/freebsd/sys/modules/usb/uether/../../../dev/usb/net/usb_ethernet.c:528 #22 0xffffffff8260ea73 in axge_ioctl (ifp=0xfffff800044c7800, cmd=3224398136, data=0xfffffe02257928e0 "ue0") at /usr/home/cmeyer/src/freebsd/sys/modules/usb/axge/../../../dev/usb/net/if_axge.c:923 #23 0xffffffff80b82d5f in ifioctl (so=<value optimized out>, cmd=<value optimized out>, data=<value optimized out>, td=<value optimized out>) at /usr/home/cmeyer/src/freebsd/sys/net/if.c:2506 #24 0xffffffff80af69f4 in kern_ioctl (td=0xfffff80042627000, fd=<value optimized out>, com=18446735278730276864, data=<value optimized out>) at file.h:326 #25 0xffffffff80af6533 in sys_ioctl (td=0xfffff80042627000, uap=0xfffffe0225792a40) at /usr/home/cmeyer/src/freebsd/sys/kern/sys_generic.c:723 ... (kgdb) fr 12 #12 0xffffffff808d8a7c in usbd_do_request_proc (udev=0xfffff800078f8000, pproc=0xfffff8000787b440, req=0xfffffe02257924b0, data=0xfffffe0225792500, flags=0, actlen=0x0, timeout=<value optimized out>) at /usr/home/cmeyer/src/freebsd/sys/dev/usb/usb_request.c:766 766 err = usbd_do_request_flags(udev, pproc->up_mtx, (kgdb) p pproc $2 = (struct usb_process *) 0xfffff8000787b440 (kgdb) p pproc.up_mtx $3 = (struct mtx *) 0x0 (kgdb) p *pproc $4 = { up_qhead = { tqh_first = 0x0, tqh_last = 0xfffff8000787b440 }, up_cv = { cv_description = 0xffffffff8141c9b0 "-", cv_waiters = 0 }, up_drain = { cv_description = 0xffffffff81403370 "usbdrain", cv_waiters = 0 }, up_ptr = 0x0, up_curtd = 0xfffff80007fcc9a0, up_mtx = 0x0, up_msg_num = 0, up_prio = 32 ' ', up_gone = 1 '\001', up_msleep = 0 '\0', up_csleep = 0 '\0', up_dsleep = 0 '\0' } I have a core, although I don't have time to debug it myself right now nor do I want to publish it widely. If it would help, I can probably arrange to get it to some FreeBSD committer for further debugging. Anyway, it is easy to reproduce.